Steve-Dee-Designs
/
woocommerce
mirror of https://github.com/woocommerce/woocommerce.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Security fix

This commit is contained in:
Grzegorz Rola 2017-11-06 18:50:26 +01:00
parent d8a6cc6eb2
commit 4f4a3460a3
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
includes/admin/class-wc-admin-log-table-list.php
View File

@ -336,7 +336,8 @@ class WC_Admin_Log_Table_List extends WP_List_Table {
} }
if ( ! empty( $_REQUEST['s'] ) ) { if ( ! empty( $_REQUEST['s'] ) ) {
$where_conditions[] = 'message like %s'; $where_conditions[] = 'message like %s';
$where_values[] = '%' . wc_clean( $_REQUEST['s'] ) . '%'; $s = wp_unslash( trim( $_REQUEST[ 's' ] ) );
$where_values[] = $wpdb->esc_like( $s );
} }
if ( ! empty( $where_conditions ) ) { if ( ! empty( $where_conditions ) ) {